Cvent, Inc.

Senior/Lead Application Security Engineer

McLean, VA, US

Onsite
Full-time
14 days ago

Summary

Overview:

We are seeking an experienced, hands-on Application Security Engineer with a passion for building secure products, automating security workflows, and influencing development teams to embed security into the product development lifecycle. Whether taking ownership as a Lead Engineer or growing deep technical skills as a Senior Engineer, there is an opportunity to make a measurable impact. Excelling at the core of Application Security, from secure design reviews and threat modeling to vulnerability discovery via penetration tests and remediation, is crucial, coupled with an engineering mindset that enhances overall impact. Additionally, there is a passion for building internal tools, scripting automation, and scaling security practices across diverse tech stacks as part of Cvent's Application Security Research & Engineering (ASRE) program.

Great Opportunity To:

• Build and automate security programs that scale across hundreds of apps and services.
• Join the ASRE team to innovate at the forefront of Application Security.
• Work with teams who take security seriously and give you the support to make meaningful change.
• Grow in a role that offers both technical depth and leadership opportunities, depending on your experience and ambition.

In This Role, You Will:

• Integrate and scale security across the SDLC, embedding tools like SAST, DAST, and SCA within CI/CD pipelines.
• Perform threat modeling, secure code and design reviews, penetration testing and risk assessments for new and existing features, including cloud-native and AI/ML systems.
• Develop internal tools to automate security testing, support securing cloud-native applications using AWS CDK (CDF), and governance processes using scripting languages like Python, JavaScript, TypeScript, or similar.
• Collaborate with engineering teams to remediate vulnerabilities identified via scans, manual testing, or external assessments.
• Partner with product and engineering teams to improve the security posture of APIs, web apps, mobile apps, and infrastructure.
• Communicate risks clearly to technical and non-technical audiences and support compliance efforts with ISO 27001, SOC2, and PCI.
• Drive strategy and contribute to the roadmap for application security programs across multiple product lines.
• Mentor senior and junior engineers, conduct peer reviews, and champion a security-first mindset across teams.
• Lead complex, cross-functional security initiatives and represent Application Security in technical design decisions at the architecture level.
• Work closely with Product & Engineering leadership to prioritize security objectives in line with Cvent's product roadmap.

Here's What You Need:

• 8+ years of hands-on experience in application security or secure software development.
• Strong scripting/programming skills, able to automate tasks and build internal tools using Python, JavaScript, Bash, or similar.
• Experience with CI/CD toolchains and integration of security tools in SDLC.
• Strong familiarity with cloud platforms (AWS preferred, GCP, or Azure) and principles of cloud-native security.
• Proficiency in security testing tools (e.g., BurpSuite, Checkmarx, Mend, Veracode, Fortify, ZAP, etc.).
• Strong grasp of OWASP Top 10, CWE, SANS Top 25, secure coding practices, and web application vulnerabilities.
• Demonstrated experience with increasing scope and leadership responsibilities in application security.
• Demonstrated ownership of security architecture, programs, or strategic initiatives across multiple teams.
• Proven track record of mentoring, leading by influence, and scaling security practices in product organizations.
• Deep experience in driving secure development transformations and partnering with engineering leadership.

Bonus If You Have:

• Experience securing AI/ML pipelines and understanding of adversarial ML or model privacy concerns.
• Exposure to DevSecOps, SBOMs, IaC security, or supply chain risk management.
• Security certifications such as AWS Certified Security - Specialty, AWS Certified Solutions Architect - Associate/Professional, CSSLP, OSWE, GWAPT, CISSP, or similar.

Physical Demands

We are not able to offer sponsorship for this position.
